Scroll Exporter Security Advisory 2014-11-19

This advisory discloses a critical security vulnerability that we have found in our Scroll PDF Exporter, Scroll EPUB Exporter and Scroll EclipseHelp Exporter and fixed in a recent version of these Scroll Exporters.

  • Customers who have downloaded and installed Scroll PDF Exporter, Scroll EPUB Exporter or Scroll EclipseHelp Exporter should upgrade their existing Scroll Exporter version to fix this vulnerability.
  • No other K15t add-ons are affected.

The vulnerability affects all versions of Scroll PDF Exporter, Scroll EPUB Exporter and Scroll EclipseHelp Exporter up to and including 3.1.3, running on all supported Confluence versions.

K15t Software is committed to improving product security. We fully support the reporting of vulnerabilities (through our support system or support@k15t.com) and we appreciate it when people work with us to identify and solve the problem.

If you have questions or concerns regarding this advisory, please raise a support request at http://support.k15t.com/.

Confluence permission checks can be bypassed

Severity

K15t Software rates the severity level of this vulnerability as critical, according to the scale published in Severity Levels of Security Issues by Atlassian. The scale allows us to rank the severity as critical, high, moderate or low.

This is an independent assessment and you should evaluate its applicability to your own IT environment.

Description

We found a critical security problem in these products:

  • Scroll PDF Exporter
  • Scroll EclipseHelp Exporter
  • Scroll EPUB Exporter

A malicious user may use these exporters to access Confluence services, bypassing the usual Confluence permission checks. These Confluence services can be used to access and manipulate content like pages and spaces.

If Confluence is configured to grant access to anonymous users, these services can also be used by anonymous users.

There is no workaround available. Confluence administrators must upgrade these exporters to version 3.1.4.

The vulnerability affects all versions of Scroll PDF Exporter, Scroll EPUB Exporter and Scroll EclipseHelp Exporter up to and including 3.1.3. It has been fixed in 3.1.4. The issue is tracked in EXP-703.

Risk Mitigation

Unfortunately, there is no temporary workaround. Please update your current Scroll PDF Exporter, Scroll EPUB Exporter and Scroll EclipseHelp Exporter to version 3.1.4 immediately.

Fix

This vulnerability is fixed by upgrading your Scroll Exporter to version 3.1.4, and we recommend upgrading. If you have any questions, please raise a support request at http://support.k15t.com.